Commit 7f92ff29 authored by Sietse Ringers's avatar Sietse Ringers

refactor: simplify keyshare server credential/attribute configuration

parent dd17b4d1
......@@ -8,6 +8,7 @@ import (
"testing"
"github.com/go-chi/chi"
irma "github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/keysharecore"
"github.com/privacybydesign/irmago/internal/test"
"github.com/privacybydesign/irmago/server"
......@@ -48,8 +49,7 @@ func StartKeyshareServer(t *testing.T, l *logrus.Logger) {
JwtKeyID: 0,
JwtPrivateKeyFile: filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
KeyshareCredential: "test.test.mijnirma",
KeyshareAttribute: "email",
KeyshareAttribute: irma.NewAttributeTypeIdentifier("test.test.mijnirma.email"),
})
require.NoError(t, err)
......
......@@ -236,9 +236,6 @@ func configureMyirmad(cmd *cobra.Command) {
DBType: myirmaserver.DatabaseType(viper.GetString("db-type")),
DBConnstring: viper.GetString("db"),
KeyshareAttributeNames: viper.GetStringSlice("keyshare-attributes"),
EmailAttributeNames: viper.GetStringSlice("email-attributes"),
LoginEmailSubject: viper.GetStringMapString("login-email-subject"),
LoginEmailFiles: viper.GetStringMapString("login-email-template"),
LoginEmailBaseURL: viper.GetStringMapString("login-url"),
......@@ -247,6 +244,17 @@ func configureMyirmad(cmd *cobra.Command) {
DeleteAccountFiles: viper.GetStringMapString("delete-account-template"),
DeleteAccountSubject: viper.GetStringMapString("delete-account-subject"),
}
for _, v := range viper.GetStringSlice("keyshare-attributes") {
confKeyshareMyirma.KeyshareAttributes = append(
confKeyshareMyirma.KeyshareAttributes,
irma.NewAttributeTypeIdentifier(v))
}
for _, v := range viper.GetStringSlice("email-attributes") {
confKeyshareMyirma.EmailAttributes = append(
confKeyshareMyirma.EmailAttributes,
irma.NewAttributeTypeIdentifier(v))
}
}
func myirmadTLS(cert, certfile, key, keyfile string) (*tls.Config, error) {
......
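Review bot: The two loops added at the end of configureMyirmad pass every `keyshare-attributes` and `email-attributes` entry straight to `irma.NewAttributeTypeIdentifier(v)`, so an empty or only partly qualified string would land in `KeyshareAttributes`/`EmailAttributes` unchecked (as far as I know that constructor does not validate its input). The struct comment describes these as the attributes used for login, so a typo here presumably changes what the server accepts for authentication; the only check visible in this commit is the `len(conf.KeyshareAttributes) == 0` test in processConfiguration. I would reject empty or non-four-part entries at startup and check that each one exists in the loaded scheme; the same applies to `keyshare-attribute` in configureKeyshared. The two loops differ only in the key and target field and could share a small helper. configureMyirmad begins outside the hunk.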
......@@ -241,8 +241,7 @@ func configureKeyshared(cmd *cobra.Command) {
StoragePrimaryKeyFile: viper.GetString("storage-primary-keyfile"),
StorageFallbackKeyFiles: viper.GetStringSlice("storage-fallback-keyfile"),
KeyshareCredential: viper.GetString("keyshare-credential"),
KeyshareAttribute: viper.GetString("keyshare-attribute"),
KeyshareAttribute: irma.NewAttributeTypeIdentifier(viper.GetString("keyshare-attribute")),
RegistrationEmailSubject: viper.GetStringMapString("registration-email-subject"),
RegistrationEmailFiles: viper.GetStringMapString("registration-email-template"),
......
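Review bot: Dropping `KeyshareCredential` from the literal in configureKeyshared changes `keyshare-attribute` from a short attribute name to a full identifier, and nothing visible here catches a deployment that still uses the old pair. A configuration carrying `keyshare-credential` plus `keyshare-attribute: email` (the shape the old tests used) would now build the identifier from `email` alone, and doRegistration would derive both the credential type and the attribute name from that value. I would fail at startup when `keyshare-credential` is still set or when the attribute is not fully qualified, and record the change in the changelog. Whether the `keyshare-credential` flag is still registered is not visible in this hunk.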
......@@ -6,6 +6,7 @@ import (
"io/ioutil"
"strings"
irma "github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/common"
"github.com/privacybydesign/irmago/internal/keysharecore"
"github.com/privacybydesign/irmago/server/keyshare"
......@@ -47,9 +48,8 @@ type Configuration struct {
StorageFallbackKeyFiles []string `json:"storage_fallback_key_files" mapstructure:"storage_fallback_key_files"`
StoragePrimaryKeyFile string `json:"storage_primary_key_file" mapstructure:"storage_primary_key_file"`
// Keyshare credential to issue during registration
KeyshareCredential string `json:"keyshare_credential" mapstructure:"keyshare_credential"`
KeyshareAttribute string `json:"keyshare_attribute" mapstructure:"keyshare_attribute"`
// Keyshare attribute to issue during registration
KeyshareAttribute irma.AttributeTypeIdentifier `json:"keyshare_attribute" mapstructure:"keyshare_attribute"`
// Configuration for email sending during registration (email address use will be disabled if not present)
keyshare.EmailConfiguration `mapstructure:",squash"`
......
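Review bot: The new comment on `KeyshareAttribute` does not say that the value must now be the fully qualified identifier, nor that the credential to issue is derived from it. With the `keyshare_credential` key gone, I would spell that out, e.g. `// Fully qualified keyshare attribute (scheme.issuer.credential.attribute) to issue during registration; the credential type is derived from it.` The Configuration struct starts and ends outside the hunk.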
......@@ -22,8 +22,7 @@ func validConf(t *testing.T) *Configuration {
JwtKeyID: 0,
JwtPrivateKeyFile: filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
KeyshareCredential: "test.test.mijnirma",
KeyshareAttribute: "email",
KeyshareAttribute: irma.NewAttributeTypeIdentifier("test.test.mijnirma.email"),
}
}
......
......@@ -509,9 +509,9 @@ func (s *Server) doRegistration(msg irma.KeyshareEnrollment) (*irma.Qr, error) {
// Setup and return issuance session for keyshare credential.
request := irma.NewIssuanceRequest([]*irma.CredentialRequest{
{
CredentialTypeID: irma.NewCredentialTypeIdentifier(s.conf.KeyshareCredential),
CredentialTypeID: s.conf.KeyshareAttribute.CredentialTypeIdentifier(),
Attributes: map[string]string{
s.conf.KeyshareAttribute: username,
s.conf.KeyshareAttribute.Name(): username,
},
}})
sessionptr, _, err := s.sessionserver.StartSession(request, nil)
......
......@@ -351,8 +351,7 @@ func StartKeyshareServer(t *testing.T, db KeyshareDB, emailserver string) {
JwtKeyID: 0,
JwtPrivateKeyFile: filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
KeyshareCredential: "test.test.mijnirma",
KeyshareAttribute: "email",
KeyshareAttribute: irma.NewAttributeTypeIdentifier("test.test.mijnirma.email"),
RegistrationEmailFiles: map[string]string{
"en": filepath.Join(testdataPath, "emailtemplate.html"),
},
......
......@@ -41,10 +41,8 @@ type Configuration struct {
SessionLifetime int `json:"session_lifetime" mapstructure:"session_lifetime"`
// Keyshare attributes to use for login
KeyshareAttributeNames []string `json:"keyshare_attribute_names" mapstructure:"keyshare_attribute_names"`
KeyshareAttributes []irma.AttributeTypeIdentifier `json:"-"`
EmailAttributeNames []string `json:"email_attribute_names" mapstructure:"email_attribute_names"`
EmailAttributes []irma.AttributeTypeIdentifier `json:"-"`
KeyshareAttributes []irma.AttributeTypeIdentifier `json:"keyshare_attributes" mapstructure:"keyshare_attributes"`
EmailAttributes []irma.AttributeTypeIdentifier `json:"email_attributes" mapstructure:"email_attributes"`
// Configuration for email sending during login (email address use will be disabled if not present)
keyshare.EmailConfiguration `mapstructure:",squash"`
......@@ -66,24 +64,6 @@ type Configuration struct {
// Process a passed configuration to ensure all field values are valid and initialized
// as required by the rest of this keyshare server component.
func processConfiguration(conf *Configuration) error {
// Setup data for login requests
if len(conf.KeyshareAttributes) == 0 {
for _, v := range conf.KeyshareAttributeNames {
conf.KeyshareAttributes = append(
conf.KeyshareAttributes,
irma.NewAttributeTypeIdentifier(v))
}
}
// Setup data for email requests
if len(conf.EmailAttributes) == 0 {
for _, v := range conf.EmailAttributeNames {
conf.EmailAttributes = append(
conf.EmailAttributes,
irma.NewAttributeTypeIdentifier(v))
}
}
// Verify attriubte configuration
if len(conf.KeyshareAttributes) == 0 {
return server.LogError(errors.Errorf("Missing keyshare attributes"))
......
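Review bot: Renaming the JSON/mapstructure keys in Configuration from `keyshare_attribute_names`/`email_attribute_names` to `keyshare_attributes`/`email_attributes` means a config written for the previous version no longer fills these fields. For keyshare attributes processConfiguration still returns `Missing keyshare attributes`, but whether an empty `EmailAttributes` is reported is not visible here, so that half may be dropped silently. It is also worth confirming that mapstructure can decode a list of strings into `[]irma.AttributeTypeIdentifier`; as far as I know that needs a text-unmarshalling decode hook, and configureMyirmad filling the fields by hand does not cover library users who unmarshal the struct themselves. Configuration and processConfiguration both continue outside the hunks.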
......@@ -16,19 +16,6 @@ func TestConfValidation(t *testing.T) {
testdataPath := test.FindTestdataFolder(t)
_, err := New(&Configuration{
Configuration: &server.Configuration{
SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
Logger: irma.Logger,
},
MyIRMAURL: "http://localhost:8000/",
DBType: DatabaseTypeMemory,
SessionLifetime: 60,
KeyshareAttributeNames: []string{"test.test.mijnirma.email"},
EmailAttributeNames: []string{"test.test.email.email"},
})
assert.NoError(t, err)
_, err = New(&Configuration{
Configuration: &server.Configuration{
SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
Logger: irma.Logger,
......
......@@ -407,11 +407,11 @@ func StartKeyshareServer(t *testing.T, db MyirmaDB, emailserver string) {
EmailFrom: "test@example.com",
DefaultLanguage: "en",
},
MyIRMAURL: "http://localhost:8080/irma_keyshare_server/api/v1/",
DB: db,
SessionLifetime: 15 * 60,
KeyshareAttributeNames: []string{"test.test.mijnirma.email"},
EmailAttributeNames: []string{"test.test.email.email"},
MyIRMAURL: "http://localhost:8080/irma_keyshare_server/api/v1/",
DB: db,
SessionLifetime: 15 * 60,
KeyshareAttributes: []irma.AttributeTypeIdentifier{irma.NewAttributeTypeIdentifier("test.test.mijnirma.email")},
EmailAttributes: []irma.AttributeTypeIdentifier{irma.NewAttributeTypeIdentifier("test.test.email.email")},
LoginEmailFiles: map[string]string{
"en": filepath.Join(testdataPath, "emailtemplate.html"),
},
......